Presentation is loading. Please wait.

Presentation is loading. Please wait.

System Center Configuration Manager Cloud Services – Cloud Distribution Point Presented By: Ginu Tausif.

Published byArthur Groen Modified over 5 years ago

Similar presentations

Presentation on theme: "System Center Configuration Manager Cloud Services – Cloud Distribution Point Presented By: Ginu Tausif."— Presentation transcript:

1 System Center Configuration Manager Cloud Services – Cloud Distribution Point
Presented By: Ginu Tausif

2 Cloud Distribution Point
A cloud distribution point is a Configuration Manager distribution point that is hosted as Platform-as-a-Service (PaaS) in Microsoft Azure. CDP service supports the following scenarios: Provide software content to internet-based clients without additional on-premises infrastructure Cloud-enable your content distribution system Reduce the need for traditional distribution points

3 CDP over local DPs ? The cloud distribution point has following additional benefits: The site encrypts the content before sending it to the cloud distribution point in Azure. To meet changing demands for content requests by clients, manually scale the cloud service in Azure. This action doesn't require that you install and provision additional distribution points in Configuration Manager. Supports content download from clients configured for other content technologies, such as Windows BranchCache and alternate content providers. Reduce the overhead of managing Content Library and local drive space as Blob Storage is used with CDP

4 New Features Add-On Starting in version 1806, use cloud distribution points as source locations for pull-distribution points Cloud distribution point support for Azure Resource Manager beginning with 1806. Cloud distribution point site affinity from version 1802. Prefer cloud distribution points over distribution points beginning with 1810

5 CDP Requirements You need an Azure subscription to host the service along with Global Administrator rights in Azure Note: This persona doesn't require permissions in Configuration Manager. The site server requires internet access to deploy and manage the cloud service. Set the client setting, “Allow access to cloud distribution points” to Yes in the Cloud Services group. By default, this value is set to No. Client devices require internet connectivity, and must use IPv4.

6 CDP Certificate Requirements
Depending upon your cloud distribution point design, you need one or more digital certificates. Certificates for cloud distribution points support the following configurations: 4096 bit key length Starting in version 1710, support for Version 3 certificates. Starting in version 1802, when you configure Windows with the following policy: System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Starting in version 1802, support for TLS 1.2.

7 Contd… 1) Azure management certificate
If using the Azure classic deployment method, you need an Azure management certificate. The Configuration Manager site server uses this certificate to authenticate with Azure to create and manage the classic deployment. The classic deployment method is deprecated as of version 1810. To reduce complexity, use the same Azure management certificate for all classic deployments of cloud distribution points and cloud management gateways, across all Azure subscriptions and all Configuration Manager sites.

8 Contd… 2) Server authentication certificate
This certificate is required for all cloud distribution point deployments. CMG trusted root certificate to clients Server authentication certificate issued by a) Public provider b) Enterprise PKI The cloud distribution point uses this type of certificate in the same way as the cloud management gateway. Clients also need to trust this certificate. To reduce complexity, Microsoft recommends using a certificate issued by a public provider. Note: When doing so, you also need a DNS CNAME alias for clients to resolve the name of the cloud service. Unless you use a wildcard certificate, don't reuse the same certificate. Each instance of the cloud distribution point and cloud management gateway requires a unique server authentication certificate.

9 Specifications The cloud distribution point supports all Windows versions listed in below article: and-devices An administrator distributes the following types of supported software content: a) Applications b) Packages c) OS upgrade packages d) Third-party software updates Important Tip: While the Configuration Manager console doesn't block the distribution of Microsoft software updates to a cloud distribution point, you're paying Azure costs to store content that clients don't use. Internet-based clients always get Microsoft software update content from the Microsoft Update cloud service. Don't distribute Microsoft software updates to a cloud distribution point.

10 Verifying Cloud Distribution Point Installation
In the background the Cloud DP manager component will connect to Azure and start creating the service. It can take up to 30 minutes to provision a new distribution point in Azure. Till then Cloud Distribution Point will be in provisioning status Cloud Distribution Point state can be monitored using CloudMgr.log Once the Cloud Distribution Point is ready, Configuration Manager displays a status message ID 9409 for the SMS_CLOUD_SERVICES_MANAGER component. We’ll also see that a Site System Server is created for Cloud Distribution Point under Servers and Site Systems Role. In Windows Azure Portal, we’ll see two cloud services created with running and online status. a) Storage Account Service b) Cloud Service

11 Client to cloud distribution point
The management point gives the client an access token along with the list of content sources. This token is valid for 24 hours, and gives the client access to the cloud distribution point. The management point responds to the client's location request with the Service FQDN of the cloud distribution point. This property is the same as the common name of the server authentication certificate. If you're using your domain name, for example, domain.contoso.com, then the client first tries to resolve this FQDN. You need a CNAME alias in your domain's internet-facing DNS for clients to resolve the Azure service name, for example: domain.cloudapp.net. The client next resolves the Azure service name, for example, domain.cloudapp.net, to a valid IP address. This response should be handled by Azure's DNS. The client connects to the cloud distribution point. Azure load balances the connection to one of the VM instances. The client authenticates itself using the access token. The cloud distribution point authenticates the client's access token, and then gives the client the exact content location in Azure storage. If the client trusts the cloud distribution point's server authentication certificate, it connects to Azure storage to download the content.

12 Limitations You can't use a cloud distribution point for PXE or multicast-enabled deployments. A cloud distribution point doesn't support App-V streaming applications. You can't prestage content on a cloud distribution point. The distribution manager of the primary site that manages the cloud distribution point transfers all content. A cloud distribution point doesn't support package deployments with the option to Run program from distribution point. Use the deployment option to Download content from distribution point and run locally

13 Logs for CDP Server Side:
CloudMgr.log: Records details about content provisioning, collecting storage and bandwidth statistics, and administrator-initiated actions to stop or start the cloud service that runs a cloud-based distribution point CloudDP-<guid>.log: Records details for a specific cloud-based distribution point, including information about storage and content access. CMGContentService.log: Starting in version 1806, when you enable a CMG to also serve content from Azure storage, this log records the details of that service.

14 Content Distribution and Download logs
Logs to check while distributing content to CDP: Distmgr.log PkgXferMgr.log  On client side: CAS.log ContentTransferManager.log & DataTransferService.log

Download ppt "System Center Configuration Manager Cloud Services – Cloud Distribution Point Presented By: Ginu Tausif."

Similar presentations

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 6 Managing and Administering DNS in Windows Server 2008.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 6 Managing and Administering DNS in Windows Server 2008.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
Microsoft ® Application Virtualization 4.6 Infrastructure Planning and Design Published: September 2008 Updated: February 2010.

Microsoft ® Application Virtualization 4.6 Infrastructure Planning and Design Published: September 2008 Updated: February 2010.
Week #10 Objectives: Remote Access and Mobile Computing Configure Mobile Computer and Device Settings Configure Remote Desktop and Remote Assistance for.

Week #10 Objectives: Remote Access and Mobile Computing Configure Mobile Computer and Device Settings Configure Remote Desktop and Remote Assistance for.
Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over the Internet. Cloud is the metaphor for.

Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over the Internet. Cloud is the metaphor for.
Microsoft ® Application Virtualization 4.6 Infrastructure Planning and Design Published: September 2008 Updated: November 2011.

Microsoft ® Application Virtualization 4.6 Infrastructure Planning and Design Published: September 2008 Updated: November 2011.
Managing and Monitoring Windows 7 Performance Lesson 8.

Managing and Monitoring Windows 7 Performance Lesson 8.
Module 8 Configuring Mobile Computing and Remote Access in Windows® 7.

Module 8 Configuring Mobile Computing and Remote Access in Windows® 7.
Module 11: Implementing ISA Server 2004 Enterprise Edition.

Module 11: Implementing ISA Server 2004 Enterprise Edition.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
1. 2 Overview In Exchange security is managed by assigning permissions in Active Directory Exchange objects are secured with DACL and ACEs Permissions.

1. 2 Overview In Exchange security is managed by assigning permissions in Active Directory Exchange objects are secured with DACL and ACEs Permissions.
SMS Software Distribution. Overview  Explaining How SMS Distributes Software  Managing Distribution Points  Configuring Software Distribution and the.

SMS Software Distribution. Overview  Explaining How SMS Distributes Software  Managing Distribution Points  Configuring Software Distribution and the.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
Creating and Managing Digital Certificates Chapter Eleven.

Creating and Managing Digital Certificates Chapter Eleven.
ConfigMgr! Intune! Azure!ConfigMgr! Intune! Azure! Understanding Cloud Based Management Options Steven Rachui

ConfigMgr! Intune! Azure!ConfigMgr! Intune! Azure! Understanding Cloud Based Management Options Steven Rachui
20409A 7: Installing and Configuring System Center 2012 R2 Virtual Machine Manager Module 7 Installing and Configuring System Center 2012 R2 Virtual.

20409A 7: Installing and Configuring System Center 2012 R2 Virtual Machine Manager Module 7 Installing and Configuring System Center 2012 R2 Virtual.
Service Pack 2 System Center Configuration Manager 2007.

Service Pack 2 System Center Configuration Manager 2007.

Similar presentations

Ads by Google